Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lTddx-J3g75APzfLeGDrRL_VrlU.roa
File: lTddx-J3g75APzfLeGDrRL_VrlU.roa (raw, json)
Hash identifier: E/FxSvqa0psEZwxDlkoQ6XrA53rcH6EbZ9EA7B/rYHQ=
Subject key identifier: 95:37:5D:C7:E2:77:83:BE:40:3F:37:CB:78:60:EB:44:BF:D5:AE:55
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB271977E9F1A426870686C0B867EC
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lTddx-J3g75APzfLeGDrRL_VrlU.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
178.175.176.0/22 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 31 May 2024 18:59:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:27:19:77:e9:f1:a4:26:87:06:86:c0:b8:67:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=95375dc7e27783be403f37cb7860eb44bfd5ae55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c1:22:13:f3:df:8f:5d:c4:55:e4:1f:a1:bc:
fa:5d:5d:45:fb:79:13:2d:57:ab:1c:a3:7d:34:85:
79:66:7e:ed:07:42:8a:e2:12:f7:e2:b1:cb:53:88:
24:3c:df:a9:02:83:50:02:ee:e4:bc:e6:c3:1d:78:
2a:26:36:7a:a6:52:e1:f9:e8:b2:3e:91:cd:d6:e6:
f7:23:39:89:63:11:fd:d5:8e:02:77:ed:1c:96:50:
cf:9e:ab:5a:42:32:ce:f2:ce:ea:82:e1:6a:62:47:
53:10:55:e4:38:42:46:ea:6b:37:54:b7:07:55:06:
51:c0:35:9d:19:0a:d7:74:5c:39:d8:81:4a:25:18:
0e:85:0e:7a:5c:88:ee:da:e9:90:92:0f:04:33:80:
cb:7c:94:81:d9:f7:4c:2b:43:1c:3a:82:af:de:fd:
6a:85:bd:c4:16:9c:e9:c8:51:50:3a:53:ee:f1:b6:
ad:29:50:40:4f:1a:58:cd:84:cf:4e:4f:69:ed:fe:
20:99:d1:aa:ec:90:f1:2f:32:be:de:de:e3:5c:c7:
ef:51:64:ba:86:77:6e:8b:9e:de:0a:4b:99:ba:c7:
07:94:2c:8a:1f:9c:38:9b:6a:88:4a:e2:64:80:82:
0c:d9:e6:e0:8d:8f:46:ef:58:57:cc:2e:ac:06:10:
9a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:37:5D:C7:E2:77:83:BE:40:3F:37:CB:78:60:EB:44:BF:D5:AE:55
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/lTddx-J3g75APzfLeGDrRL_VrlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
90:79:f9:15:35:45:26:52:e0:d3:0b:2b:70:f5:4b:fd:9d:95:
b7:06:15:f9:2d:cb:e3:a8:48:de:9f:c3:9a:43:a6:7e:09:c2:
f1:6e:ad:75:7b:0e:c2:2d:85:12:88:10:88:34:73:4b:88:d1:
10:9d:99:62:b0:67:94:52:07:6a:ba:95:2e:d0:98:43:68:2a:
05:bd:43:ed:a7:c9:45:6f:c6:60:e0:d8:50:8a:36:64:4f:03:
fb:a9:7d:e0:d0:79:34:1e:d0:5c:1d:5b:71:78:d1:f3:49:14:
6d:99:cb:46:ac:68:ce:41:f7:58:b4:7a:b7:a2:ca:eb:4c:64:
a2:52:cc:43:52:d4:aa:77:71:bc:7f:57:db:a6:f7:e5:49:3e:
a4:f5:0f:94:ad:ff:c5:5e:33:6a:72:1c:31:ba:4f:68:67:48:
a2:a9:57:f0:bd:9f:e1:ec:53:36:a4:be:47:76:92:ce:9e:b0:
56:5e:9d:d6:0e:ce:dc:4c:10:ee:da:35:13:63:74:15:18:a6:
d0:4c:a7:99:8c:25:5d:22:d2:c4:ff:9b:68:3d:1d:08:4a:2e:
44:f1:0d:4f:cc:02:73:64:aa:94:b6:1e:ac:45:d7:02:ed:3e:
44:0e:fc:cd:21:07:0f:bc:6d:7b:a1:91:8f:02:e7:e4:34:99:
dd:68:bb:d2
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzC2ycZd+nxpCaHBobAuGfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM3NWRjN2UyNzc4M2JlNDAzZjM3Y2I3ODYwZWI0NGJmZDVhZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8EiE/Pfj13EVeQfobz6XV1F+3kT
LVerHKN9NIV5Zn7tB0KK4hL34rHLU4gkPN+pAoNQAu7kvObDHXgqJjZ6plLh+eiy
PpHN1ub3IzmJYxH91Y4Cd+0cllDPnqtaQjLO8s7qguFqYkdTEFXkOEJG6ms3VLcH
VQZRwDWdGQrXdFw52IFKJRgOhQ56XIju2umQkg8EM4DLfJSB2fdMK0McOoKv3v1q
hb3EFpzpyFFQOlPu8batKVBATxpYzYTPTk9p7f4gmdGq7JDxLzK+3t7jXMfvUWS6
hndui57eCkuZuscHlCyKH5w4m2qISuJkgIIM2ebgjY9G71hXzC6sBhCa7QIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFJU3Xcfid4O+QD83y3hg60S/1a5VMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbFRkZHgtSjNnNzVBUHpmTGVHRHJSTF9WcmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQALUN0AwQG
W/JAAwQCsq+wAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0B
AQsFAAOCAQEAkHn5FTVFJlLg0wsrcPVL/Z2VtwYV+S3L46hI3p/DmkOmfgnC8W6t
dXsOwi2FEogQiDRzS4jREJ2ZYrBnlFIHarqVLtCYQ2gqBb1D7afJRW/GYODYUIo2
ZE8D+6l94NB5NB7QXB1bcXjR80kUbZnLRqxozkH3WLR6t6LK60xkolLMQ1LUqndx
vH9X26b35Uk+pPUPlK3/xV4zanIcMbpPaGdIoqlX8L2f4exTNqS+R3aSzp6wVl6d
1g7O3EwQ7to1E2N0FRim0EynmYwlXSLSxP+baD0dCEouRPENT8wCc2SqlLYerEXX
Au0+RA78zSEHD7xte6GRjwLn5DSZ3Wi70g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:42 2024 by rpki-client on console-fra.rpki-client.org